To configure REST API you need to edit the frontend configuration file
app/config/frontend.ini.php
, for example
$config['api'] = array(
'baseUrl' => '/api/v1',
'allowedOrigins' => array(),
'auth' => array(
'component' => 'MyCustomAuth',
'JWT' => array(
'expiresIn' => 600,
'alg' => 'HS256'
),
),
'formatting' => array(
'fields' => array(
// fields that should be removed from results
'remove' => array(
'title',
'Category' => array('name')
),
// fields (removed by default) that should be kept
'keep' => array(
'ip_created',
'Category' => array('object_type_id', 'priority')
)
)
),
'validation' => array(
'writableObjects' => array('document', 'event'),
'allowedUrlParams' => array(
'endpoint_name' => array('param_one', 'param_two')
)
),
'upload' => array(
'quota' => array(
'maxFileSize' => 8*1024*1024, // 8 MB
'maxSizeAvailable' => 50*1024*1024, // 50 MB
'maxFilesAllowed' => 500
)
)
);
Possible configuration params are:
baseUrl
the base url of REST API. Every request done tobaseUrl
will be handled as an API REST request via routing rulesallowedOrigins
define which origins are allowed. Leave empty to allow all originsauth
contains authentication configurations:component
define the name of auth component to use. By defaultApiAuth
Component is usedJWT
define some options used in Json Web Token :doc:`authentication </endpoints/auth>` as the "expires in" time (in seconds) and the hashing algorithm to useformatting
permits to setup some fomatting rules as object fields to :ref:`remove <formatting-remove-fields>` or to :ref:`keep <formatting-keep-fields>`validation
setup some validation rules used generally in write operations or to validate request and data:writableObjects
define what object types are writableallowedUrlParams
define which :ref:`query string paramters are valid for endpoints <configure-allowed-query-string-conf>`
upload
the upload configuration. Contains:quota
is an array with space and files limits available for every user. See :ref:`quota-limits`.